Skip to main content

Controlling who can use the iOS app

iOS mobile access is off by default for every admin. Two gates must both be set before anyone can register an iPhone.

Gate 1 — Tenant-wide role gate

Controls which roles are eligible for mobile at all. Set via the API (dashboard controls are not yet available — same as the device list below):

PUT /api/v1/admin/settings/mobile-access-by-role
{"mobileAccess": {"analyst": true, "admin": true, "executive": false}}
  • Analyst — typically on
  • Admin — typically on
  • Executive — often off (they get summary email instead)

This is a tenant-wide policy and only super-admins can change it.

Gate 2 — Per-user opt-in

Even for an eligible role, each admin must individually be opted in:

PUT /api/v1/admin/admin-users/<admin-user-uuid>/mobile-access
{"enabled": true}

Why two gates?

The role gate defends against new hires automatically gaining phone access to production alerts. The per-user toggle lets you offboard someone's phone (leaving their laptop access intact) by flipping one switch; the next push attempt is blocked at the backend.

Auditing

Every toggle emits an audit log entry:

  • mobile.access.enabled / mobile.access.disabled — per-user
  • mobile.tenant_access.updated — role gate

Query the Audit log page to review who was granted / revoked.

Remote sign-out

To revoke a stolen or lost device:

  1. Web dashboard → the admin user's detail page.
  2. Find the registered devices list (future UI) or use the API:
DELETE /api/v1/admin/mobile/devices/<device-uuid>

This marks the device as revoked and the push pipeline skips it on the next alert.

The stored Keychain tokens remain on the device, so also rotate the admin's password / SSO session via the main Admin users action menu to fully invalidate any cached access.